Login

GLSA-200608-01 : Apache: Off-by-one flaw in mod_rewrite

High Nessus Plugin ID 22143

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200608-01 (Apache: Off-by-one flaw in mod_rewrite) An off-by-one flaw has been found in Apache's mod_rewrite module by Mark Dowd of McAfee Avert Labs. This flaw is exploitable depending on the types of rewrite rules being used. Impact : A remote attacker could exploit the flaw to cause a Denial of Service or execution of arbitrary code. Note that Gentoo Linux is not vulnerable in the default configuration. Workaround : There is no known workaround at this time.